While meeting “general standards” suggested by KBA including minimum total assets, adoption of a cold wallet, anti-money laundering requirements and dozens more, the 12 exchanges met the criteria for cybersecurity standards, which the association referred to as minimum requirements.

The KBA-backed inspection was conducted through interviews by third-party experts authorized by KBA in June and July, while hacking simulation on the exchanges did not take place.

A number of encrypted coin thefts have occurred in Korea from external hacking attacks.

During the press conference, Jhun Ha-jin, head of KBA’s self-regulatory committee, said security flaws of some of the 12 exchanges were found during the inspection, but declined to fully elaborate on what the flaws were to media, citing possibility of cyberattacks.

Jhun also declined to elaborate on “huge gap in the level of handling cybersecurity risks” between the 12 exchanges, while saying they met the minimum standard overall. Meeting the security standard does not necessarily mean an immunity from hacking attacks, he added.

As for sanctions on Korean exchanges’ won-denominated bank account adoption, no association-led discussion for relief is being made with either authorities or banks, according to Jhun.